David Hu733d8f92019-09-23 15:32:40 +08001/*
Shawn Shanb222d892021-01-04 17:41:48 +08002 * Copyright (c) 2019-2021, Arm Limited. All rights reserved.
David Hu733d8f92019-09-23 15:32:40 +08003 *
4 * SPDX-License-Identifier: BSD-3-Clause
5 *
6 */
7
Mingyang Sun133a7922021-07-08 16:01:26 +08008#ifndef __PSA_API_H__
9#define __PSA_API_H__
David Hu733d8f92019-09-23 15:32:40 +080010
11#include <stdint.h>
Mingyang Sun7397b4f2020-06-17 15:07:45 +080012#include <stdbool.h>
David Hu733d8f92019-09-23 15:32:40 +080013#include "psa/client.h"
Mingyang Sunb26b2802021-07-07 11:25:00 +080014#include "psa/service.h"
David Hu733d8f92019-09-23 15:32:40 +080015
/*
 * Placeholder that expands to nothing. Passed as error_status to
 * TFM_PROGRAMMER_ERROR() it turns the macro's `return error_status;` into a
 * bare `return;` (presumably for handlers that return void).
 */
#define PROGRAMMER_ERROR_NULL

/*
 * Programmer-error exit path. The macro hides control flow:
 *  - ns_caller true:  the enclosing function returns error_status, so the
 *    macro is only usable where that value fits the function's return type.
 *  - ns_caller false: tfm_core_panic() is called and the macro has no
 *    statement after it.
 * NOTE(review): ns_caller presumably flags a non-secure caller, and
 * tfm_core_panic() is presumably non-returning; neither is declared in this
 * header, so confirm both where they are defined. If the panic could return,
 * execution would continue after the macro with the invalid request.
 */
#define TFM_PROGRAMMER_ERROR(ns_caller, error_status) \
    do {                                              \
        if (!(ns_caller)) {                           \
            tfm_core_panic();                         \
        } else {                                      \
            return error_status;                      \
        }                                             \
    } while (0)
25
Mingyang Sunb26b2802021-07-07 11:25:00 +080026/* PSA Client API function body, for privileged use only. */
David Hu733d8f92019-09-23 15:32:40 +080027
28/**
29 * \brief handler for \ref psa_framework_version.
30 *
31 * \return version The version of the PSA Framework implementation
32 * that is providing the runtime services.
33 */
Mingyang Sund44522a2020-01-16 16:48:37 +080034uint32_t tfm_spm_client_psa_framework_version(void);
David Hu733d8f92019-09-23 15:32:40 +080035
36/**
37 * \brief handler for \ref psa_version.
38 *
39 * \param[in] sid RoT Service identity.
David Hu733d8f92019-09-23 15:32:40 +080040 *
41 * \retval PSA_VERSION_NONE The RoT Service is not implemented, or the
42 * caller is not permitted to access the service.
Jaykumar Pitambarbhai Patel3a986022019-10-08 17:37:15 +053043 * \retval > 0 The version of the implemented RoT Service.
David Hu733d8f92019-09-23 15:32:40 +080044 */
Mingyang Sun22a3faf2021-07-09 15:32:47 +080045uint32_t tfm_spm_client_psa_version(uint32_t sid);
David Hu733d8f92019-09-23 15:32:40 +080046
47/**
48 * \brief handler for \ref psa_connect.
49 *
50 * \param[in] sid RoT Service identity.
Jaykumar Pitambarbhai Patel3a986022019-10-08 17:37:15 +053051 * \param[in] version The version of the RoT Service.
David Hu733d8f92019-09-23 15:32:40 +080052 *
53 * \retval PSA_SUCCESS Success.
54 * \retval PSA_ERROR_CONNECTION_REFUSED The SPM or RoT Service has refused the
55 * connection.
56 * \retval PSA_ERROR_CONNECTION_BUSY The SPM or RoT Service cannot make the
57 * connection at the moment.
58 * \retval "Does not return" The RoT Service ID and version are not
59 * supported, or the caller is not permitted to
60 * access the service.
61 */
Mingyang Sun22a3faf2021-07-09 15:32:47 +080062psa_status_t tfm_spm_client_psa_connect(uint32_t sid, uint32_t version);
David Hu733d8f92019-09-23 15:32:40 +080063
64/**
65 * \brief handler for \ref psa_call.
66 *
67 * \param[in] handle Service handle to the established connection,
68 * \ref psa_handle_t
69 * \param[in] type The request type.
70 * Must be zero (\ref PSA_IPC_CALL) or positive.
71 * \param[in] inptr Array of input psa_invec structures.
72 * \ref psa_invec
73 * \param[in] in_num Number of input psa_invec structures.
74 * \ref psa_invec
75 * \param[in] outptr Array of output psa_outvec structures.
76 * \ref psa_outvec
77 * \param[in] out_num Number of output psa_outvec structures.
78 * \ref psa_outvec
David Hu733d8f92019-09-23 15:32:40 +080079 *
80 * \retval PSA_SUCCESS Success.
81 * \retval "Does not return" The call is invalid, one or more of the
82 * following are true:
83 * \arg An invalid handle was passed.
84 * \arg The connection is already handling a request.
85 * \arg An invalid memory reference was provided.
86 * \arg in_num + out_num > PSA_MAX_IOVEC.
87 * \arg The message is unrecognized by the RoT
88 * Service or incorrectly formatted.
89 */
Mingyang Sund44522a2020-01-16 16:48:37 +080090psa_status_t tfm_spm_client_psa_call(psa_handle_t handle, int32_t type,
91 const psa_invec *inptr, size_t in_num,
Mingyang Sune529e3b2021-07-12 14:46:30 +080092 psa_outvec *outptr, size_t out_num);
David Hu733d8f92019-09-23 15:32:40 +080093
94/**
95 * \brief handler for \ref psa_close.
96 *
97 * \param[in] handle Service handle to the connection to be closed,
98 * \ref psa_handle_t
David Hu733d8f92019-09-23 15:32:40 +080099 *
100 * \retval void Success.
101 * \retval "Does not return" The call is invalid, one or more of the
102 * following are true:
103 * \arg An invalid handle was provided that is not
104 * the null handle.
105 * \arg The connection is handling a request.
106 */
Mingyang Sun22a3faf2021-07-09 15:32:47 +0800107void tfm_spm_client_psa_close(psa_handle_t handle);
David Hu733d8f92019-09-23 15:32:40 +0800108
Mingyang Sunb26b2802021-07-07 11:25:00 +0800109/* PSA Partition API function body, for privileged use only. */
110
111/**
112 * \brief Function body of \ref psa_wait.
113 *
114 * \param[in] signal_mask A set of signals to query. Signals that are not
115 * in this set will be ignored.
116 * \param[in] timeout Specify either blocking \ref PSA_BLOCK or
117 * polling \ref PSA_POLL operation.
118 *
119 * \retval >0 At least one signal is asserted.
120 * \retval 0 No signals are asserted. This is only seen when
121 * a polling timeout is used.
122 */
123psa_signal_t tfm_spm_partition_psa_wait(psa_signal_t signal_mask,
124 uint32_t timeout);
125
126/**
127 * \brief Function body of \ref psa_get.
128 *
129 * \param[in] signal The signal value for an asserted RoT Service.
130 * \param[out] msg Pointer to \ref psa_msg_t object for receiving
131 * the message.
132 *
133 * \retval PSA_SUCCESS Success, *msg will contain the delivered
134 * message.
135 * \retval PSA_ERROR_DOES_NOT_EXIST Message could not be delivered.
136 * \retval "PROGRAMMER ERROR" The call is invalid because one or more of the
137 * following are true:
138 * \arg signal has more than a single bit set.
139 * \arg signal does not correspond to an RoT Service.
140 * \arg The RoT Service signal is not currently
141 * asserted.
142 * \arg The msg pointer provided is not a valid memory
143 * reference.
144 */
145psa_status_t tfm_spm_partition_psa_get(psa_signal_t signal, psa_msg_t *msg);
146
147/**
148 * \brief Function body of \ref psa_set_rhandle.
149 *
150 * \param[in] msg_handle Handle for the client's message.
151 * \param[in] rhandle Reverse handle allocated by the RoT Service.
152 *
153 * \retval void Success, rhandle will be provided with all
154 * subsequent messages delivered on this
155 * connection.
156 * \retval "PROGRAMMER ERROR" msg_handle is invalid.
157 */
158void tfm_spm_partition_psa_set_rhandle(psa_handle_t msg_handle, void *rhandle);
159
160/**
161 * \brief Function body of \ref psa_read.
162 *
163 * \param[in] msg_handle Handle for the client's message.
164 * \param[in] invec_idx Index of the input vector to read from. Must be
165 * less than \ref PSA_MAX_IOVEC.
166 * \param[out] buffer Buffer in the Secure Partition to copy the
167 * requested data to.
168 * \param[in] num_bytes Maximum number of bytes to be read from the
169 * client input vector.
170 *
171 * \retval >0 Number of bytes copied.
172 * \retval 0 There was no remaining data in this input
173 * vector.
174 * \retval "PROGRAMMER ERROR" The call is invalid, one or more of the
175 * following are true:
176 * \arg msg_handle is invalid.
177 * \arg msg_handle does not refer to a
178 * \ref PSA_IPC_CALL message.
179 * \arg invec_idx is equal to or greater than
180 * \ref PSA_MAX_IOVEC.
181 * \arg the memory reference for buffer is invalid or
182 * not writable.
183 */
184size_t tfm_spm_partition_psa_read(psa_handle_t msg_handle, uint32_t invec_idx,
185 void *buffer, size_t num_bytes);
186
187/**
188 * \brief Function body of \ref psa_skip.
189 *
190 * \param[in] msg_handle Handle for the client's message.
191 * \param[in] invec_idx Index of input vector to skip from. Must be
192 * less than \ref PSA_MAX_IOVEC.
193 * \param[in] num_bytes Maximum number of bytes to skip in the client
194 * input vector.
195 *
196 * \retval >0 Number of bytes skipped.
197 * \retval 0 There was no remaining data in this input
198 * vector.
199 * \retval "PROGRAMMER ERROR" The call is invalid, one or more of the
200 * following are true:
201 * \arg msg_handle is invalid.
202 * \arg msg_handle does not refer to a request
203 * message.
204 * \arg invec_idx is equal to or greater than
205 * \ref PSA_MAX_IOVEC.
206 */
207size_t tfm_spm_partition_psa_skip(psa_handle_t msg_handle, uint32_t invec_idx,
208 size_t num_bytes);
209
210/**
211 * \brief Function body of \ref psa_write.
212 *
213 * \param[in] msg_handle Handle for the client's message.
214 * \param[in] outvec_idx Index of output vector in message to write to.
215 * Must be less than \ref PSA_MAX_IOVEC.
216 * \param[in] buffer Buffer with the data to write.
217 * \param[in] num_bytes Number of bytes to write to the client output
218 * vector.
219 *
220 * \retval void Success
221 * \retval "PROGRAMMER ERROR" The call is invalid, one or more of the
222 * following are true:
223 * \arg msg_handle is invalid.
224 * \arg msg_handle does not refer to a request
225 * message.
226 * \arg outvec_idx is equal to or greater than
227 * \ref PSA_MAX_IOVEC.
228 * \arg The memory reference for buffer is invalid.
229 * \arg The call attempts to write data past the end
230 * of the client output vector.
231 */
232void tfm_spm_partition_psa_write(psa_handle_t msg_handle, uint32_t outvec_idx,
233 const void *buffer, size_t num_bytes);
234
235/**
236 * \brief Function body of \ref psa_reply.
237 *
238 * \param[in] msg_handle Handle for the client's message.
239 * \param[in] status Message result value to be reported to the
240 * client.
241 *
242 * \retval void Success.
243 * \retval "PROGRAMMER ERROR" The call is invalid, one or more of the
244 * following are true:
245 * \arg msg_handle is invalid.
246 * \arg An invalid status code is specified for the
247 * type of message.
248 */
249void tfm_spm_partition_psa_reply(psa_handle_t msg_handle, psa_status_t status);
250
251/**
252 * \brief Function body of \ref psa_notify.
253 *
254 * \param[in] partition_id Secure Partition ID of the target partition.
255 *
256 * \retval void Success.
257 * \retval "PROGRAMMER ERROR" partition_id does not correspond to a Secure
258 * Partition.
259 */
260void tfm_spm_partition_psa_notify(int32_t partition_id);
261
262/**
263 * \brief Function body of \ref psa_clear.
264 *
265 * \retval void Success.
266 * \retval "PROGRAMMER ERROR" The Secure Partition's doorbell signal is not
267 * currently asserted.
268 */
269void tfm_spm_partition_psa_clear(void);
270
271/**
272 * \brief Function body of \ref psa_eoi.
273 *
274 * \param[in] irq_signal The interrupt signal that has been processed.
275 *
276 * \retval void Success.
277 * \retval "PROGRAMMER ERROR" The call is invalid, one or more of the
278 * following are true:
279 * \arg irq_signal is not an interrupt signal.
280 * \arg irq_signal indicates more than one signal.
281 * \arg irq_signal is not currently asserted.
282 * \arg The interrupt is not using SLIH.
283 */
284void tfm_spm_partition_psa_eoi(psa_signal_t irq_signal);
285
286/**
287 * \brief Function body of \ref psa_panic.
288 *
289 * \retval "Does not return"
290 */
291void tfm_spm_partition_psa_panic(void);
292
293/**
294 * \brief Function body of \ref psa_irq_enable.
295 *
296 * \param[in] irq_signal The signal for the interrupt to be enabled.
297 * This must have a single bit set, which must be the
298 * signal value for an interrupt in the calling Secure
299 * Partition.
300 *
301 * \retval void
302 * \retval "PROGRAMMER ERROR" If one or more of the following are true:
303 * \arg \a irq_signal is not an interrupt signal.
304 * \arg \a irq_signal indicates more than one signal.
305 */
306void tfm_spm_partition_irq_enable(psa_signal_t irq_signal);
307
308/**
309 * \brief Function body of \ref psa_irq_disable.
310 *
311 * \param[in] irq_signal The signal for the interrupt to be disabled.
312 * This must have a single bit set, which must be the
313 * signal value for an interrupt in the calling Secure
314 * Partition.
315 *
316 * \retval 0 The interrupt was disabled prior to this call.
317 * \retval 1 The interrupt was enabled prior to this call.
318 * \retval "PROGRAMMER ERROR" If one or more of the following are true:
319 * \arg \a irq_signal is not an interrupt signal.
320 * \arg \a irq_signal indicates more than one signal.
321 *
322 * \note The current implementation always returns 1. Do not rely on the return value.
323 */
324psa_irq_status_t tfm_spm_partition_irq_disable(psa_signal_t irq_signal);
325
326/**
327 * \brief Function body of \ref psa_reset_signal.
328 *
329 * \param[in] irq_signal The interrupt signal to be reset.
330 * This must have a single bit set, corresponding to a
331 * currently asserted signal for an interrupt that is
332 * defined to use FLIH handling.
333 *
334 * \retval void
335 * \retval "PROGRAMMER ERROR" If one or more of the following are true:
336 * \arg \a irq_signal is not a signal for an interrupt
337 * that is specified with FLIH handling in the Secure
338 * Partition manifest.
339 * \arg \a irq_signal indicates more than one signal.
340 * \arg \a irq_signal is not currently asserted.
341 */
342void tfm_spm_partition_psa_reset_signal(psa_signal_t irq_signal);
343
Mingyang Sun133a7922021-07-08 16:01:26 +0800344#endif /* __PSA_API_H__ */